Our website uses cookies

Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing Infosecurity Magazine, you agree to our use of cookies.

Okay, I understand Learn more

NSA Search Engine Taps Into Global Comms to Intercept, Well, Everything

Edward Snowden has once again provided fodder for the surveillance fears of American citizens: New leaked documents show that the National Security Agency's (NSA's) XKeyscore search engine hoovers up vast amounts of private communications information, to the tune of 700,000 voice, fax and video files every day.

According to a report in The Intercept, XKeyscore doesn’t bother with intercepting last-mile telephone calls and the like. Oh no. It drinks directly from the hose: it taps into the billions off bits that are carried on the long-haul fiber-optic cables that make up the global communications network, including data on people's internet searches, documents, usernames, passwords, emails and chats, pictures, voice calls, webcam photos, advertising analytics traffic, social media traffic, botnet traffic, logged keystrokes, computer network exploitation (CNE) targeting, intercepted username and password pairs, file uploads to online services, VOIP streams taken from Skype sessions, etc. etc.

In other words, it absorbs everything.

XKeyscore is used by NSA intelligence agents as well as spooks in Canada, New Zealand and the UK (and possibly other allies) to target people by location, nationality and browsing histories. The NSA itself calls it "a fully distributed processing and query system that runs on machines around the world" with "the ability to scale in both processing power and storage."

The Intercept reported that in reality, the system collects vast amounts of the aforementioned data and keeps it for up to five days—what the NSA calls “full-take” data on people’s communications. And, it stores the metadata of this traffic for up to 45 days. Storage facilities consist of 700+ servers scattered around the world, including in the US, Mexico, Brazil, UK, Spain, Russia, Nigeria, Somalia, Pakistan, Japan, Australia, and many other countries.

In a statement, the NSA told The Intercept that there’s nothing untoward going on:

The National Security Agency’s foreign intelligence operations are 1) authorized by law; 2) subject to multiple layers of stringent internal and external oversight; and 3) conducted in a manner that is designed to protect privacy and civil liberties. As provided for by Presidential Policy Directive 28 (PPD-28), all persons, regardless of their nationality, have legitimate privacy interests in the handling of their personal information. NSA goes to great lengths to narrowly tailor and focus its signals intelligence operations on the collection of communications that are most likely to contain foreign intelligence or counterintelligence information.

What do you think?

What’s Hot on Infosecurity Magazine?